PT-2006-3545 · Novell · Novell Client For Windows

Eitan Caspi

Published

2006-05-26

Updated

2018-10-18

CVE-2006-2612

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Novell Client for Windows versions 4.8 through 4.9

Description The issue allows users with physical access to a locked machine to read the current clipboard contents by pasting them into the "User Name" field on the login prompt, due to a lack of restriction on access to the clipboard contents.

Recommendations For Novell Client for Windows versions 4.8 through 4.9, consider restricting access to the login prompt or clearing the clipboard contents when the machine is locked as a mitigation measure. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-2612

Affected Products

Novell Client For Windows

PT-2006-3545 · Novell · Novell Client For Windows

CVE-2006-2612

Related Identifiers

Affected Products

References · 7